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DETAILED ACTION 

1. This action is in response to the communication 0/02/2007. No preliminary 
amendments to the claims were filed. Claims 1-32 are currently pending. 

Information Disclosure Statement 

2. An initialed and dated copy of Applicant's IDS form 1449, filed on 1/2/2007 is 
attached to the Office action. 

Applicant's IDS form 1449 filed on 6/9/2004 has not been considered by the 
examiner, as there is no relevance pertaining to the instant application. Examiner does 
not understand what does "MPEG system stream" has to do with "Security-related 
programming interface" or "implementing security policies on a plurality of security 
engines". It has been placed in the application file, but the information referred to therein 
has not been considered. 

Claim Objections 

3. Claims 21-26 are objected to because of the following informalities: Claim 21 
recites, "calling one or more first functions". Replace "calling one or more first functions" 
with "calling one or more first group of functions" (emphasis added). 

Appropriate correction is required. 
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Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 



4. Claims 1 - 32 are rejected under 35 U.S.C. 101 because the claimed invention is 

directed to non-statutory subject matter. 

As per Claim 1-13, Claims recite a programming interface embodied in one or 
more computer readable media. "Computer readable media" is disclosed in the instant 
specification as "Computer readable media can be any available media 
that can be accessed by a computer. By way of example, and not 
limitation, computer readable media may comprise "computer 
storage media" and "communications media."; "Computer storage 
media" includes volatile and non-volatile, removable and non- 
removable media implemented in any method or technology for 
storage of information such as computer readable instructions, 
data structures, program modules, or other data. Computer 
storage media includes, but is not limited to, RAM, ROM, EE PROM, 
flash memory or other memory technology, CD-ROM, digital 
versatile disks (DVD) or other optical storage, magnetic 
cassettes-, magnetic tape, magnetic disk storage or other 
magnetic storage devices, or any other medium which can be used 
to store the desired information and which can be accessed by. a 
computer." and "Communication media" typically embodies computer 
readable instructions, data structures, program modules, or 
other data in a modulated data signal, such as carrier wave or 
other transport mechanism." (Emphasis added. See paragraphs 
[0363 - 0365] 

The office's current position is that claims involving modulated data signal, such 
as carrier wave do not fall within any of the categories of patentable subject matter set 
forth in 35 USC 101 , and such claims are therefore ineligible for patent protection. See 



1300 OG 142 (November 22, 2005) (in particular, see Annex IV ( c )). 
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Furthermore, security engines and functions are described as "Security 
engines 114-118 may be implemented in software, hardware, or a 
combination of software and hardware. Particular security 
engines are security-related application programs, such as 
antivirus programs and intrusion detection programs." (Emphasis 
added. See paragraph [0023]). 

Examiner interprets Claim 1 as reciting software functions. Therefore, the entire 
claim recites software, which fails to fall into one of the four categories of invention and 
Claims 1 - 13 are non-statutory. 

As per Claims 14-32, merely claimed as application programs and as means 
for where the means is implemented in software representing a computer listing per se, 
that is descriptions or expressions such as a program that is, descriptive material per 
se, non-functional descriptive material, is not statutory because it is not a physical 
"thing" nor a statutory process, as there are not "acts" being performed. Such claimed 
computer programs do not define any structural and functional interrelationships 
between the computer program and other claimed aspects of the invention which 
permits the computer program's functionality to be realized. Warmerdam, 33 F 3d at 
1361, 31 USPQ2d at 1760. In re Sarkar, 588 F.2d 1330, 1333, 200 USPQ 132, 137 
(CCPA 1978). See MPEP 2106(IV)(B)(1)(a). 

The specification of the instant application describes that the present invention 
can be implemented as software, thereby rendering the means for language as 
computer software. In re Donaldson Co., 16 F.3d 1189, 29 USPQ2d 1845 (Fed. Cir. 
1994), decided that the "broadest reasonable interpretation" that an examiner may give 
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means-plus-function language is that statutorily mandated in paragraph six. 
Accordingly, the PTO may not disregard the structure disclosed in the specification 
corresponding to such language when rendering a patentability determination. 

See MPEP 2181 also. Therefore, giving the claims their broadest reasonable 
interpretation, while keeping the structure disclosed in the specification in my mind, one 
of ordinary skill in the art would construe claims 14 - 32 as representing a computer 
program per se. 



Double Patenting 

The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. A nonstatutory 
obviousness-type double patenting rejection is appropriate where the conflicting claims 
are not identical, but at least one examined application claim is not patentably distinct 
from the reference claim(s) because the examined application claim is either anticipated 
by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 
F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 
.USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 
1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 
F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 
644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) 
may be used to overcome an actual or provisional rejection based on a nonstatutory 
double patenting ground provided the conflicting application or patent either is shown to 
be commonly owned with this application, or claims an invention made as a result of 
activities undertaken within the scope of a joint research agreement. 

Effective January 1 , 1994, a registered attorney or agent of record may sign a. 

terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply 

with 37 CFR 3.73(b). 
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5. Claims 1 - 32 are provisionally rejected on the ground of nonstatutory 
obviousness-type double patenting as being unpatentable over amended claims 1 - 5, 8 
- 17 and 19 - 32 of copending Application No. 10/729,096. Although the conflicting 
claims are not identical, they are not patentably distinct from each other because the 
instant case, all elements of claims 1 - 32 correspond to the claims of 1 - 5, 8 - 17 and 
19 - 32 of the copending application claims, except in the instant claims element 
"communicates new data associated with an existing security policy", is referred in the 
copending application claims as "communicating ...a password that does not comply 
with predetermined criteria". It would have been obvious to one having ordinary skill in 
the art to recognize that communicating new data and associating it with an existing 
security policy is equivalent to identifying and communicating that the password does 
not comply with the predetermined (existing) criteria (security policy). 

This is a provisional obviousness-type double patenting rejection because the 
conflicting claims have not in fact been patented. 

6. Claims 1 - 32 are provisionally rejected on the ground of nonstatutory 
obviousness-type double patenting as being unpatentable over claims 1 - 53 of 
copending Application No. 10/729,530. Although the conflicting claims are not identical, 
they are not patentably distinct from each other because the instant case, all elements 
of claims 1 - 32 correspond to the claims of 1 - 53 of the copending application claims, 
except in the instant claims element "communicates new data associated with an 
existing security policy ... instructs the plurality of security engines to replace an existing 
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security policy with the new security policy", is referred in the copending application 
claims as "accessing a new security policy ...plurality of security engines processing at 
least a portion of the new security policy ...and switching, after each of the plurality of 
security engine is ready to begin using the new security policy, each of the plurality of 
security engines to the new rules substantially concurrently". It would have been 
obvious to one having ordinary skill in the art to recognize that communicating new data 
and associating it with an existing security policy is equivalent to accessing a new 
security policy and switching to the new rules concurrently. 

This is a provisional obviousness-type double patenting rejection because the 
conflicting claims have not in fact been patented. 

7. Claims 1-32 are provisionally rejected on the ground of nonstatutory 
obviousness-type double patenting as being unpatentable over the amended claims 1 - 
60 of copending Application No. 10/456,606. Although the conflicting claims are not 
identical, they are not patentably distinct from each other because the instant case, all 
elements of claims 1 - 32 correspond to the amended claims of 1 - 60 of the copending 
application claims, except in the instant claims element "communicates new data 
associated with an existing security policy", is referred in the copending application 
claims as "security service configured to monitor in real time the security-related 
information from the plurality of sources, the security service receiving automatic 
updates ... performing actions to protect actions to protect the system based on the 
security related information". It would have been obvious to one having ordinary skill in 
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the art to recognize that communicating new data and associating it with an existing 
security policy is equivalent to identifying and updating the security settings and 
protecting the system based on the security-related information. 

This is a provisional obviousness-type double patenting rejection because the 
conflicting claims have not in fact been patented. 

8. Claims 1 - 32 are provisionally rejected on the ground of nonstatutory 
obviousness-type double patenting as being unpatentable over amended claims 8-22 
and 34 - 37 of copending Application No. 10/456,093. Although the conflicting claims 
are not identical, they are not patentably distinct from each other because the instant 
case, all elements of claims 1 - 32 correspond to the claims of 8 - 22 and 34 - 37 of the 
copending application claims, except in the instant claims element "communicates new 
data associated with an existing security policy", is referred in the copending application 
claims as "installing new filter ... into the policy engine .. comparing the new filter ... and 
notifying ... about the new filter". It would have been obvious to one having ordinary skill 
in the art to recognize that communicating new data and associating it with an existing 
security policy is equivalent to identifying and processing new filter and further installing 
the new filter (taking action if the new data corresponds to the existing policy and 
updating the new security policy). 

This is a provisional obviousness-type double patenting rejection because the 
conflicting claims have not in fact been patented. 
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9. Claims 1 - 32 are provisionally rejected on the ground of nonstatutory 
obviousness-type double patenting as being unpatentable over amended claims 1-158 
of copending Application No. 1 0/41 1 ,876. Although the conflicting claims are not 
identical, they are not patentably distinct from each other because the instant case, all 
elements of claims 1-32 correspond to the claims of 1—158 of the copending 
application claims, except in the instant claims element "communicates new data 
associated with an existing security policy", is referred in the copending application 
claims as "a group policy management program and set of program interfaces operating 
on group policy related data and communicating with a directory service that is 
associated with the group policy related data to perform the requested operation". It 
would have been obvious to one having ordinary skill in the art to recognize that 
communicating new data and associating it with an existing security policy is equivalent 
to managing and communicating group policy (security policy). 

This is a provisional obviousness-type double patenting rejection because the 
conflicting claims have not in fact been patented. 

Claim Rejections - 35 USC §112 ^ 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

10. Claims 1 - 32 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 
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Claims 1 - 32 recite "first group of functions", "second group of functions", "first 
function", "second function", "third function", "fourth function", "fifth function" and "sixth 
function". However, no actual definition for these functions has been recited in the 
claims. 

Applicant is advised to amend the claims to clearly state these functions when 
filing response. Examiner will broadly interpret these functions as instructions to the 
security engines to modify existing security policy. 



Claim Rejections - 35 USC § 102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



11. Claims 1 - 32 are rejected under 35 U.S.C. 102(e) as being anticipated by Ko et 
al. (U.S. Patent Number 6,789,202). 



12. As per Claims 1 and 21 , Ko teaches, "a first group of functions related to 
communicating a new security policy to a plurality of security engines, wherein each of 
the plurality of security engines is configured to replace an existing security policy with 
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the new security policy; and a second group of functions related to communicating an 
indication of each security engine's readiness to implement the new security policy" 
(Fig. 2, 3; Summary and Column 4 line 51 - Column 5 line 4 and Column 6 line 19 - 
Column 7 line 22). 

13. As per Claims 14 and 27, Ko teaches, "a first function that communicates a new 
security policy to the plurality of security engines; a second function that identifies 
whether each of the plurality of security engines is prepared to apply the new security 
policy; and a third function that instructs each of the plurality of security engines to 
implement the new security policy after determining that all of the security engines are 
prepared to apply the new security policy" (Fig. 2, 3; Summary and Column 4 line 51 - 
Column 5 line 4 and Column 6 line 19 - Column 7 line 22). 

14. As per Claim 2, Ko teaches," wherein the first group of functions includes a 
method that instructs each of the plurality of security engines to delete the new security 
policy" (Column 4 line 51 - Column 5 line 4 and Column 6 line 19 - Column 7 line 22). 

15. As per Claim 3, Ko teaches, "wherein the first group of functions includes a 
method that initializes a particular security engine" (Column 4 line 51 - Column 5 line 4 
and Column 6 line 19 - Column 7 line 22). 
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16. As per Claim 4, Ko teaches, "wherein the first group of functions includes a 
method that instructs each of the plurality of security engines to implement the new 
security policy" (Column 4 line 51 - Column 5 line 4 and Column 6 line 19 - Column 7 
line 22). 

17. As per Claim 5, Ko teaches, "wherein the first group of functions further 
comprises a method that communicates new data associated with an existing security 
policy to at least one of the plurality of security engines" (Column 4 line 51 - Column 5 
line 4 and Column 6 line 19 - Column 7 line 22). 

18. As per Claim 6, Ko teaches, "wherein the first group of functions further 
comprises a method that communicates configuration information to at least one of the 
plurality of security engines" (Column 5 lines 5-25 and Column 6 line 19 - Column 7 
line 22). 

19. As per Claim 7, Ko teaches, "wherein the second group of functions includes a 
method that indicates whether a particular security engine has implemented the new 
security policy" (Column 4 line 51 - Column 5 line 4 and Column 6 line 19 - Column 7 
line 22). 
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20. As per Claim 8, Ko teaches, "wherein the second group of functions further 
comprises a method that retrieves updated data associated with a particular security 
policy" (Column 4 line 51 - Column 5 line 4 and Column 6 line 19 - Column 7 line 22). 

21. As per Claim 9, Ko teaches," wherein the second group of functions further 
comprises a method that communicates new data identified by one of the plurality of 
security engines to a security agent" (Column 4 line 51 - Column 5 line 4 and Column 6 
line 19 - Column 7 line 22). 

22. As per Claim 10, Ko teaches, "wherein the second group of functions further 
comprises a method that allows one of the plurality of security engines to query a user 
of a system containing the plurality of security engines" (Column 5 line 5-20 and 
Column 6 line 19 - Column 7 line 22). 

23. As per Claim 1 1 , Ko teaches, "wherein at least one of the plurality of security 
engines implements an antivirus service" (Column 6 lines 3 - 17 and Column 6 line 19 - 
Column 7 line 22). 

24. As per Claim 12, Ko teaches, "wherein at least one of the plurality of security 
engines implements a firewall application" (Column 6 line 3-17 and Column 6 line 19 - 
Column 7 line 22). 
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25. As per Claim 13, Ko teaches, "wherein the plurality of security engines implement 
the new security policy after all security engines have indicated a readiness to 
implement the new security policy" (Column 4 line 51 - Column 5 line 4 and Column 6 
line 19 - Column 7 line 22). 

26. As per Claim 1 5, Ko teaches, "a fourth function that causes each of the plurality 
of security engines to delete the new security policy if at least one of the plurality of 
security engines is unable to apply the new security policy" (Column 4 line 51 - Column 
5 line 4 and Column 6 line 19 - Column 7 line 22). 

27. As per Claim 16, Ko teach, "a fourth function related to communicating event 
information identified by a first security engine to the other security engines" (Column 4 
line 51 - Column 5 line 4 and Column 6 line 19 - Column 7 line 22). 

28. As per Claim 1 7, Ko teach, "a fourth function related to communicating security- 
related information identified by a first security engine to an event manager" (Column 5 
line 19-28 and Column 6 line 19 - Column 7 line 22). 

29. As per Claim 1 9, Ko teaches, "wherein at least one of the plurality of security 
engines is associated with a first type of security attack" (Column 6 lines 3 - 17 and 
Column 6 line 1 9 - Column 7 line 22). 
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30. As per Claim 22, Ko teaches, "wherein the security-related information identifies 
a type of security attack" (Column 6 lines 3-17 and Column 6 line 19 - Column 7 line 
22). 

31. As per Claim 23, Ko teaches, "calling one or more fourth functions to facilitate 
communicating a revised security policy to the first security engine" (Column 6 lines 3 - 
1 7 and Column 6 line 1 9 - Column 7 line 22). 

32. As per Claim 24, Ko teaches, "calling one or more fourth functions to facilitate 
communicating configuration information to the first security engine" (Column 6 lines 3 - 
17 and Column 6 line 19 - Column 7 line 22). 

33. As per Claim 25, Ko teaches, "calling one or more fourth functions to facilitate 
instructing the first security engine and the second security engine to implement the 
security policy" (Column 4 line 51 - Column 5 line 4 and Column 6 line 19 - Column 7 
line 22). 

34. As per Claim 26, Ko teaches, "calling one or more fourth functions to facilitate 
communicating a revised security policy to the first security engine" (Column 4 line 51 - 
Column 5 line 4 and Column 6 line 19 - Column 7 line 22). 
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35. As per Claim 28, Ko teaches, "means for exposing a fourth function that 
communicates a new security policy to the plurality of security engines; and means for 
exposing a fifth function that instructs the plurality of security engines to replace an 
existing security policy with the new security policy (Column 4 line 51 - Column 5 line 4 
and Column 6 line 19 - Column 7 line 22). 

36. As per Claim 30, Ko teaches, "wherein the security-related event is detection of a 
virus" (Column 6 lines 3-17 and Column 6 line 19 - Column 7 line 22). 

37. As per Claim 31 , Ko teaches, "wherein the security-related event is an 
unauthorized attempt to access a storage device" (Column 6 lines 3-17 and Column 6 
line 19 - Column 7 line 22). 

38. As per Claim 32, Ko teaches, "means for exposing a fourth function that notifies 
the event manager that a particular security engine has finished processing another 
function call" (Column 6 lines 3-17 and Column 6 line 19 - Column 7 line 22). 

34. As per Claim 18, Ko teaches, "wherein the event manager communicates the 
security-related information to at least one of the plurality of security engines" (Column 5 
line 1 9 - 28 and Column 6 line 1 9 - Column 7 line 22). 
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35. As per Claim 20, Ko teaches, "wherein at least one of the plurality of security 
engines is associated with a second type of security attack" (Column 6 lines 3-17 and 
Column 6 line 19 - Column 7 line 22). 

36. As per Claim 29, Ko teaches, "means for exposing a sixth function that instructs 
the plurality to security engines to delete the new security policy if at least one of the 
plurality of security engines cannot implement the new security policy" (Column 4 line 
51 - Column 5 line 4 and Column 6 line 1 9 - Column 7 line 22). 

Conclusion 

Examiner's Note: Examiner has cited particular columns and line numbers in the 
references as applied to the claims above for the convenience of the applicant. 
Although the specified citations are representative of the teachings in the art and are 
applied to the specific limitations within the individual claim, other passages and figures 
may apply as well. It is respectfully requested from the applicant, in preparing the 
responses, to fully consider the references in entirety as potentially teaching all or part 
of the claimed invention, as well as the context of the passage as taught by the prior art 
or disclosed by the examiner. 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. See PTO Form 892. • 
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Applicant is urged to consider the references. However, the references should be 
evaluated by what they suggest to one versed in the art, rather than by their specific 
disclosure. If applicants are aware of any better prior art than those are cited, they are 
required to bring the prior art to the attention of the examiner. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Pramila Parthasarathy whose telephone number is 571- 
272-3866. The examiner can normally be reached on 8:00a.m. To 5:00p.m.. If attempts 
to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Nasser Moazzami can be reached on 571-232-4195. Any inquiry of a general nature or 
relating to the status of this application or proceeding should be directed to the 
receptionist whose telephone number is 703-305-3900. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR only. For more 
information about the PAIR system, contact the Electronic Business Center (EBC) at 
866-217-9197 (toll-free). 




